Sneaky robot peering out from behind brick wall

NEWS

Shadow AI Use Spreads in Health Systems, Raising Safety and Compliance Risks

January 19, 2026

A new Wolters Kluwer Health survey finds that unauthorized artificial intelligence tools — often called “shadow AI” — are being widely used across U.S. hospitals and health systems, even for clinical tasks, signaling emerging risk and governance gaps in healthcare technology management.

The survey polled more than 500 healthcare professionals and administrators late last year and found that 40 % had encountered unauthorized AI tools at work and nearly 20 % admitted to using them, despite the lack of formal enterprise approval.

‍

Why Shadow AI Is Emerging

Healthcare workers report turning to unsanctioned AI solutions largely because officially supported tools are not meeting workflow needs. Many respondents cited speed and functionality as the primary reasons for using these external tools, suggesting that clinicians and administrative staff will experiment with AI to streamline documentation or review data if approved systems lag behind expectations.

This trend reflects a broader shift in the healthcare workforce toward integrating technology into daily tasks, but it also highlights a critical oversight: many organizations lack clear governance or policies governing AI use, leaving staff to adopt tools in ways that may circumvent security, compliance, and clinical safeguards.

‍

Rising Concerns: Safety, Privacy and Compliance

While respondents expressed optimism about AI’s long-term potential to improve healthcare delivery, they also identified patient safety and data privacy as top concerns. About one in four cited safety risks related to inaccurate AI outputs, and nearly a quarter expressed worry about privacy and data breaches — especially when sensitive information is entered into external, unapproved systems.

There was also a disconnect between administrators and providers in terms of awareness and involvement in policy development. Administrators were far more likely to be part of creating AI policies compared with frontline providers, yet overall awareness of AI policy details remains low.

Healthcare IT experts argue that governance and compliance must catch up with usage patterns. Without formal frameworks outlining approved tools, training on risk mitigation, and clear boundaries for clinical use, shadow AI will continue to proliferate — potentially exposing systems to legal and reputational challenges.

Our team is your team.

Get a quote

What It Means for Healthcare Organizations

This survey shines a spotlight on a fast-moving but largely unmanaged shift in healthcare technology adoption. As AI tools become more accessible and powerful, clinicians are integrating them into workflows to improve efficiency and reduce administrative burden. Yet without enterprise-level oversight — including vetted tools, training, and governance structures — organizations may face increased risk of:

Patient safety incidents due to unvalidated outputs
Data privacy breaches involving sensitive health information
Regulatory non-compliance under standards like HIPAA

In many cases, shadow AI use reflects a deeper tension between frontline staff trying to solve practical problems and organizational leaders struggling to provide sanctioned alternatives.

‍

Managing Liability and Tech Risk

At Western Summit, we recognize that technology adoption in healthcare — including the use of AI — presents both opportunity and risk for hospitals, physician groups, and health systems. The rise of shadow AI underscores the need for rigorous risk assessment, policy clarity, and compliance alignment when it comes to integrating new tools into clinical and operational workflows.

As a specialty broker focused on medical professional liability and risk management, Western Summit helps organizations:

Evaluate coverage implications tied to emerging technology use
Understand the intersection of shadow AI practices and liability exposure
Develop risk mitigation strategies that align with organizational governance priorities

In an era where technology-enabled efficiency can rapidly outpace policy development, our expertise supports healthcare leaders in balancing innovation with patient safety, regulatory compliance, and operational risk resilience.